SAP

Why SAP security updates are a struggle for large enterprises

CISO, cybersecurity, Don't miss, how-to, News, Pathlock, SAP, security update, strategy, tips, Video /

Why SAP security updates are a struggle for large enterprises 2025-06-05 at 07:33 By Help Net Security In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why […]

React to this headline:

Loading spinner

Why SAP security updates are a struggle for large enterprises Read More »

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

China APT, exploited, Malware & Threats, Ransomware, SAP /

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws 2025-05-15 at 13:48 By Ionut Arghire Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. The post Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws Read More »

SAP Patches Another Critical NetWeaver Vulnerability

SAP, Vulnerabilities, vulnerability /

SAP Patches Another Critical NetWeaver Vulnerability 2025-05-13 at 16:01 By Ionut Arghire SAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability. The post SAP Patches Another Critical NetWeaver Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

SAP Patches Another Critical NetWeaver Vulnerability Read More »

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors

Don't miss, enterprise, Forescout, Government, Hot stuff, Incident Response, Mandiant, News, Onapsis, SAP, web shell /

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors 2025-05-12 at 16:07 By Zeljka Zorz A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, opportunistic threat actors who are leveraging previously established webshells (from the first zero-day attack) on vulnerable

React to this headline:

Loading spinner

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors Read More »

SAP Zero-Day Targeted Since January, Many Sectors Impacted 

China, exploited, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Targeted Since January, Many Sectors Impacted  2025-05-09 at 14:01 By Ionut Arghire Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. The post SAP Zero-Day Targeted Since January, Many Sectors Impacted  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

SAP Zero-Day Targeted Since January, Many Sectors Impacted  Read More »

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise

exploited, SAP, Vulnerabilities, Zero-Day /

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise 2025-05-06 at 15:39 By Ionut Arghire Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability. The post Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise Read More »

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

exploited, SAP, Vulnerabilities, Zero-Day /

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks 2025-04-29 at 13:34 By Ionut Arghire More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks Read More »

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)

Don't miss, enterprise, Government, Hot stuff, News, Onapsis, ReliaQuest, SAP /

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) 2025-04-28 at 13:00 By Zeljka Zorz CVE-2025-31324, a critical vulnerability in the SAP NetWeaver platform, is being actively exploited by attackers to upload malicious webshells to enable unauthorized file uploads and code execution. The vulnerability was initially leveraged in zero-day attacks spotted by ReliaQuest

React to this headline:

Loading spinner

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) Read More »

SAP Zero-Day Possibly Exploited by Initial Access Broker

exploited, Featured, initial access broker, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Possibly Exploited by Initial Access Broker 2025-04-25 at 12:38 By Ionut Arghire A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications. The post SAP Zero-Day Possibly Exploited by Initial Access Broker appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Zero-Day Possibly Exploited by Initial Access Broker Read More »

SAP Patches Critical Code Injection Vulnerabilities

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Code Injection Vulnerabilities 2025-04-08 at 16:29 By Ionut Arghire SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws. The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Code Injection Vulnerabilities Read More »

SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver

SAP, Vulnerabilities, vulnerability /

SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver 2025-03-11 at 15:00 By Ionut Arghire SAP released 21 new security notes and updated three security notes on March 2025 security patch day. The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver Read More »

SAP Releases 21 Security Patches

Patch Tuesday, SAP, Vulnerabilities, vulnerability /

SAP Releases 21 Security Patches 2025-02-11 at 19:22 By Ionut Arghire SAP has released 19 new and two updated security notes on its February 2025 patch day, including six notes for high-severity vulnerabilities. The post SAP Releases 21 Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Releases 21 Security Patches Read More »

CISA Flags Multiple Critical Vulnerabilities Exposed Across Major Platforms

CVE-2024-45519, DrayTek, Ivanti, SAP, vulnerability, Zimbra Collaboration /

CISA Flags Multiple Critical Vulnerabilities Exposed Across Major Platforms 2024-10-08 at 09:17 By dakshsharma16 The Cybersecurity and Infrastructure Security Agency (CISA) has added multiple vulnerabilities to its known Exploited Vulnerabilities (KEV) catalog. A total of six vulnerabilities have been identified across various products, including Zimbra Collaboration, Ivanti, D-Link, DrayTek, GPAC, and SAP. Notably, these vulnerabilities

React to this headline:

Loading spinner

CISA Flags Multiple Critical Vulnerabilities Exposed Across Major Platforms Read More »

SAP Releases 16 New Security Notes on September 2024 Patch Day

Patch Tuesday, SAP, Vulnerabilities /

SAP Releases 16 New Security Notes on September 2024 Patch Day 2024-09-10 at 17:31 By Ionut Arghire SAP has released patches for multiple missing authorization check and information disclosure vulnerabilities on its September 2024 Security Patch Day. The post SAP Releases 16 New Security Notes on September 2024 Patch Day appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SAP Releases 16 New Security Notes on September 2024 Patch Day Read More »

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps

SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps 2024-08-13 at 18:46 By Ionut Arghire SAP has released 25 security notes on August 2024 Security Patch Day, including for critical vulnerabilities in BusinessObjects and Build Apps. The post SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps Read More »

SAP AI Core Vulnerabilities Allowed Service Takeover, Customer Data Access

AI, Artificial Intelligence, cloud security, SAP, vulnerability /

SAP AI Core Vulnerabilities Allowed Service Takeover, Customer Data Access 2024-07-18 at 18:01 By Eduard Kovacs SAP patches AI Core vulnerabilities allowing attackers to access customer data and take over the service. The post SAP AI Core Vulnerabilities Allowed Service Takeover, Customer Data Access appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

SAP AI Core Vulnerabilities Allowed Service Takeover, Customer Data Access Read More »

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce

Application Security, Patch Tuesday, SAP, Vulnerabilities /

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce 2024-07-09 at 20:22 By Ionut Arghire Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools. The post SAP Patches High-Severity Vulnerabilities in PDCE, Commerce appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce Read More »

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver

Patch Tuesday, SAP, Vulnerabilities /

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver 2024-06-11 at 15:16 By Ionut Arghire SAP has released 10 new security notes on June 2024 Security Patch Day, including two addressing high-severity vulnerabilities. The post SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver Read More »

SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver

SAP, Vulnerabilities /

SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver 2024-05-14 at 18:16 By Ionut Arghire SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day. The post SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver Read More »

SAP Applications Increasingly in Attacker Crosshairs, Report Shows

Application Security, CISA KEV, Flashpoint, Onapsis, SAP, Vulnerabilities /

SAP Applications Increasingly in Attacker Crosshairs, Report Shows 2024-04-18 at 19:46 By Ionut Arghire Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint. The post SAP Applications Increasingly in Attacker Crosshairs, Report Shows appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

SAP Applications Increasingly in Attacker Crosshairs, Report Shows Read More »

Scroll to Top